Biz & IT —

A raft of updates to Azure introduced at TechEd.

At TechEd in Houston today, Microsoft announced a wide range of updates to its Azure cloud platform. As has become customary for Azure updates, the new features announced today include a mix of previews of brand-new capabilities, and general availability releases of features previously only in preview.

In the general availability bucket are a set of new networking options for connectivity to Azure. Currently, Azure users connect to Azure through a mix of public Internet addresses and private VPNs, with all traffic going over the Internet. The new ExpressRoute capability provides a third option: direct private connections to Azure, either through exchange providers, or by connecting Azure to existing corporate WANs.

ExpressRoute will be offered with a 99.9 percent SLA and four bandwidth tiers: 200Mbps, 500Mbps, 1Gbps, and 10Gbps. Though now generally available, the connectivity is currently limited to connections via two US sites—Silicon Valley and Washington, DC—and London. Microsoft intends to make it available in 13 further locations by the end of the year.

Organizations using the existing VPN connectivity will also have new options. Previously, Azure's virtual networks could only have a single on-premises endpoint, so there was no good way for multiple Azure virtual networks (in different data centers, say) to communicate with different corporate locations or with each other. Today, multiple site connections are possible, and virtual networks can be joined to each other, addressing both of these shortcomings.

Microsoft is also announcing finer control of the public IP addresses exposed by Azure virtual machines. Going into general availability today is the ability to reserve public IPs on the Azure load balancer. This will allow applications to be exposed at the same public IP address, even when the virtual machines are reprovisioned. And going into public preview today is the ability to give individual virtual machines public IP addresses, so that non-load-balanced services, such as FTP or system monitoring, can be used.

That load balancing is becoming smarter, too, with the general availability of the ability to use non-Azure endpoints with Traffic Manager. This enables Azure to balance traffic across services using Azure, other cloud services, and on-premises systems. Going into preview is the ability to load balance traffic across private virtual networks.

Microsoft is making Azure more effective for a wider range of tasks with the general availability of two new large virtual machine classes. A8 virtual machines will offer 8 cores and 56GB of RAM. A9 virtual machines have 16 cores and 112GB of RAM. These virtual machines will also include 40Gbps InfiniBand networking. This should extend Azure's reach into certain kinds of compute-intensive tasks such as modelling and simulation for engineering and scientific computing.

Further Reading

The ability to send data to Azure by hard disk, announced last year, is now also generally available from today.

Perhaps the biggest feature announced in preview today is Azure Files. Azure already has a range of storage options, include queues, tables, virtual hard disks, and arbitrary blocks of binary data. Azure Files provides another option: Azure can offer storage space using the SMB 2.1 protocol. This storage space can then be accessed by Windows' native networking (or Samba, on Linux) to provide a persistent location to store file-based data. Previously, this would require Azure users to run their own virtual machine to offer the file shares. Azure Files removes that management overhead.

Joining these are previews of an API management service, for developers that publish APIs from Azure, and BizTalk Hybrid Connections, that can connect BizTalk in the cloud to on-premises data. The new Azure Managed Cache is now generally available, and a preview of a cache using the open source Redis cache is now in preview.

Security and control of access to data in the cloud are some of the biggest roadblocks to wider adoption of cloud services. Microsoft is announcing some services that should be useful. First is a preview of anti-malware for Azure virtual machines. This service allows anti-malware software (from Symantec, Trend Micro, or Microsoft) to be injected into virtual machines.

Trend Micro will also be offering a disk encryption service for Azure. This will allow Azure to use encrypted disks with the keys to those disks held by Trend Micro servers based in Germany. This may prove attractive to organizations concerned at the US government's ability to request access to data held by US companies, even when that data is held abroad. With this kind of encryption system, Microsoft would only be able to hand over an encrypted copy of the data, and wouldn't have access to the relevant keys.

Finally, Microsoft is extending Azure beyond its current Infrastructure as a Service and Platform as a Service options with Azure RemoteApp. With RemoteApp, organizations can run desktop applications in the cloud and deliver them to end users using remote desktop software on Windows, OS X, iOS, and Android.

12 Reader Comments

I actually really like the fact that they're handing off their keys to a non-US company. Wonder if this will become a good corporate reaction to increased risks from governments. Create networks of companies that each protect the other's data.

Hell, if I had the funds, I'd create wholly legitimate tech companies whose sole purpose was to handle encryption keys for other companies who operate in countries where increased spying is a real risk. Sure, if they want to try to break the encryption, they can. It doesn't even have to be a wildly profitable venture, honestly, but that sort of service could be valuable for many people.

I actually really like the fact that they're handing off their keys to a non-US company. Wonder if this will become a good corporate reaction to increased risks from governments. Create networks of companies that each protect the other's data.

Hell, if I had the funds, I'd create wholly legitimate tech companies whose sole purpose was to handle encryption keys for other companies who operate in countries where increased spying is a real risk. Sure, if they want to try to break the encryption, they can. It doesn't even have to be a wildly profitable venture, honestly, but that sort of service could be valuable for many people.

The important feature I think is that Trend Micro is Japanese, so it's harder for the US government to pressure them.

Not familiar with Japan are you ...

Additionally Trend isn't really a Japanese company, it was started by a group of Taiwanese business people in LA and only moved to Japan after acquiring a company that had more people in Japan. They are effectively still a very US company.

MS Azure has evolved at such a pace that their certification exams and books cannot keep up. It is great to see the platform matures, providing more choices for consumers and competition for AWS and Google.

The important feature I think is that Trend Micro is Japanese, so it's harder for the US government to pressure them.

Not familiar with Japan are you ...

Additionally Trend isn't really a Japanese company, it was started by a group of Taiwanese business people in LA and only moved to Japan after acquiring a company that had more people in Japan. They are effectively still a very US company.

Clearly the answer is a large boat that never leaves international waters...

The important feature I think is that Trend Micro is Japanese, so it's harder for the US government to pressure them.

Not familiar with Japan are you ...

Additionally Trend isn't really a Japanese company, it was started by a group of Taiwanese business people in LA and only moved to Japan after acquiring a company that had more people in Japan. They are effectively still a very US company.

Clearly the answer is a large boat that never leaves international waters...

But wait, what country has the world's largest and by a long shot most superior navy?

The important feature I think is that Trend Micro is Japanese, so it's harder for the US government to pressure them.

Not familiar with Japan are you ...

Additionally Trend isn't really a Japanese company, it was started by a group of Taiwanese business people in LA and only moved to Japan after acquiring a company that had more people in Japan. They are effectively still a very US company.

Clearly the answer is a large boat that never leaves international waters...

But wait, what country has the world's largest and by a long shot most superior navy?

Have it registered in Russia. Or just stop using 3rd party cloud if you actually care about the security of your data.

I wish they implemented IPv6 support. Even if it's only rudimentary at first. Our entire product resides on Azure and we want to prepare for IPv6 support. However, currently al we can do is theoretical implementation, there is no way of knowing it could actually works in a real world situation.

At the moment the issue is not big enough to leave Azure because of it but it will likely be in twelve months from now as we are hoping to enter the Indian market where IPv4 is a nightmare.

Its data time guys, I've crossed another hurdle, now I can store Domegemegrottebyte of data in 100 bytes file. It applied practically. It is the biggest achievement of the DATA STORAGE & HANDLING technology ever.

Until now, I had no idea an Azure VM came with no public IP. That Azure now offers that gets a "What took you so long?" reaction from me. Any $20 virtual private server from any 2 bit hosting company offers a virtual public IP. Hell even AWS free tier gives you a public IP, though it won't persist across reboots IIRC.

Azure is so advanced in some places, yet feels defecient in others. I don't get the SMB 2.1 AzureFile product. MS has something really special and amazing with SMB 3.0 ("The future of storage," EMC, parent of VMware called it), and with ExpressLane or whatever it's called, you could really build a kick-ass on-prem to Azure cloud SMB 3 multi-channel DFS target....but apparently you can only use SMB 2 for Azure File storage.